<?php

require_once('msc-load.php');

function NewUser() { 
	
	global $db;
	$firstName = $_POST['FirstName']; 
	$lastName = $_POST['LastName'];
	$phone = $_POST['Phone'];
	$email = $_POST['Email']; 
	
	$password = $_POST['Password']; 	// first check password as unicode
	$level = 0;	// for all simple - users that can register from front -end 
	
	
	if(checkEmail($email)==true && checkPassword($password)==true) {
	$password = md5($_POST['Password']); // convert to md5 for storing!!!
	$query = "INSERT INTO USERS (Password,Email,FirstName,LastName,Phone,Level) 
						VALUES ('$password','$email','$firstName','$lastName','$phone','$level')"; 
	$data = $db->query($query); 
	if($data) { 
		header('Location: ../signup.php?success=true');
	} 
	}
	else {
		header('Location: ../signup.php?success=password_error');
	}
	

} 

function SignUp() { 

	if(!empty($_POST['Email'])) //checking the 'Email' name which is from Sign-Up.html, is it empty or have some text 
	{ 
		global $db;
		$tempQuery = "SELECT * FROM USERS WHERE Email = '$_POST[Email]'"; 
		$result = $db->query($tempQuery); 
		
		if ($result->num_rows == 0){ 
			newuser(); 
		}
		else { 
			header('Location: ../signup.php?success=false');
			//echo "SORRY...YOU ARE ALREADY REGISTERED USER..."; 
		
		} 
	}	 
 }
 
function checkPassword($pwd) {
  
    if (strlen($pwd) < 8) {
        return false;
    }

    if (!preg_match("#[0-9]+#", $pwd)) {
        return false;
    }

    if (!preg_match("#[a-zA-Z]+#", $pwd)) {
        return false;
    }  
	
	return true;
    
}

function checkEmail($email)
  {
    if (filter_var($email, FILTER_VALIDATE_EMAIL))
      return true;
    else
      return false;   
  }
  
	if(isset($_POST['submit'])) { 
	
		SignUp(); 
	} 
?>

